AMD Ryzen CPUs With Serious Security Vulnerability
A new security vulnerability has been discovered in AMD Ryzen CPUs that could lead to data leaks. Which users should be afraid of it?
Cybersecurity researchers Saidgani Musaev and Christof Fetzer, who normally work for the Technical University of Dresden, have discovered new hardware vulnerabilities in AMD Ryzen processors, specifically those based on Zen and Zen 2 architectures. These include the Ryzen 2000 and Ryzen 3000 CPUs, but also laptop models 4000U/H/HS and 5000U. The security vulnerability disclosed by the researchers is deceptively similar to meltdown, detected in 2018, which at the time troubled Intel.
The newly discovered vulnerability, called Transient Execution of Non-canonical Accesses, AMD processors can execute non-canonical loads and store them using only the lower 48 bits of the address. The result of this action can be a data leak, but a vulnerability in the attacked app is also needed. The vulnerability in question was first discovered by Saidgani Musaev and Christof Fetzer in October 2020 - at that time they passed information about it to AMD, which could develop a solution to the problem. As a result, the company recommended that developers re-examine their code for potential security flaws. Affected users should therefore ensure that the software installed on their computers is as up-to-date as possible.